NSA work inspires cybersecurity startups

WASHINGTON — The surveillance factory that is the National Security Agency produces more than secrets. It also drives the development of new technologies, some of which are spilling out into the world at large.

Often the entrepreneurs with the inside track are former government employees who had a hand in creating the technology and realized that the advances might find a larger market among Internet users and businesses.

Former NSA Internet security architect Will Ackerly, for instance, left the agency in 2012 to found VirTru, an email security startup, with his brother John Ackerly, who was associate director of the National Economic Council and director of the Office of Policy and Strategic Planning at the Commerce Department under President George W. Bush. The two run the business out of an office in Washington’s Dupont Circle and are publicly launching a free version of their product this week.

VirTru allows people to encrypt emails they send to others, revoke messages from recipients after they have been sent and prevent unauthorized viewers from intercepting messages. It is based on a technology framework called “trusted data format” that Will Ackerly was helping to develop at the NSA, where he worked for eight years directly after he graduated from the Rose-Hulman Institute of Technology in Indiana. Ackerly patented this technology in 2011 while still an NSA employee.

“I pivoted a little in my own time to come up with a way … to make the [technology] super easy and transparent for people to use,” Will Ackerly said.

John Ackerly said a growing number of cybersecurity hacks — and security breaches such as the one that allowed Edward Snowden to reveal state secrets — could create a market for software like VirTru.

“The fundamental motivator here is … the need to give individuals practical tools to exercise their fundamental right to privacy,” John Ackerly said.

VirTru has raised $4 million in early-stage funding so far, and though the initial public version is free, the Ackerlys hope to introduce premium features later.

Will Ackerly said VirTru is staying in the Washington area to “be close to policymakers, privacy experts — it’s a great ecosystem.”

VirTru often taps into a network of local cryptography and security experts to product-test its software, he explained.

Morta Security, a Silicon Valley-based cybersecurity startup, also has NSA roots. Raj Shah, a former Air Force pilot and McKinsey & Co. consultant, founded the company with two NSA engineers, and the team specializes in protecting large networks from cyberattack. Morta Security was acquired by Palo Alto Networks for an undisclosed sum two weeks ago.

“If you’re focused on the government customer, D.C. is the place to be. It just all depends on what your end goal is — if you’re focused more on commercial customers, the West Coast has advantages,” Shah said.

Adam Fuchs, a former NSA computer systems researcher for the NSA, left the agency in 2012 with developers John Vine, Phil Eberhardt, Luke Brassard and contractor Chris McCubbin to found Sqrrl, a big data startup specializing in creating searchable databases. Ely Kahn, former director of cybersecurity at the National Security Staff in the White House, is also a founding member.

The NSA co-founders had been developing a database software called Accumulo since 2008 — the technology now serves as the foundation for Sqrrl’s product, Kahn explained.

“Their real desire was to increase adoption of Accumulo at a global level,” Kahn said, noting that the team “wants to see the database be adopted far and wide by various organizations,” even outside the NSA.

In 2011, the NSA released the source code behind Accumulo — once the software was open source, the team began thinking about its applications in the private sector, according to Sqrrl.

The Cambridge, Mass.-based startup raised $5.2 million from investors including Atlas Ventures and Matrix Partners in October.

Here at MaineToday Media we value our readers and are committed to growing our community by encouraging you to add to the discussion.

To ensure conscientious dialogue we have implemented a strict no-bullying policy. To participate, you must follow our Terms of Use. Click here to flag and report a comment that violates our terms of use.